News Archive (1999-2012) | 2013-current at LinuxGizmos | Current Tech News Portal |    About   

Device Profile: Bivio 7000 deep packet inspection appliance

Mar 12, 2007 — by LinuxDevices Staff — from the LinuxDevices Archive — 5 views

Bivio Networks has added a high-end model to its line of Linux-based network appliances for deep packet inspection. The 7000 runs the company's Linux-based BiviOS on an interesting AMP (asymmetrical multiprocessing) architecture claimed capable of wirespeed network application processing at 10… gigabits-per-second.

As with earlier Bivio network appliance platforms, the 7000 is intended for use as a network appliance platform on which engineers can implement custom applications. Company CEO Elan Amir explains, “Target markets include security application vendors, network equipment manufacturers, financial institutions, and managed network service providers planning to deliver policy-centric managed security, storage, voice, and mobility services to consumers, large financial, and enterprise customers.”

Amir adds that Bivio has a “strong presence” providing platforms to federal agencies deploying GOTS and COTS systems for network monitoring, analysis, surveillance, content filtering, and leak prevention. In other words, you may be soaking in it now.

Like Bivio's original Bivio 500 Linux-based networking appliance, the 7000 has an asymmetrical multiprocessing (AMP) architecture with separate processor sub-systems for network/data processing, application processing, and management/control processing. Amir claims this approach offers the performance of an ASIC (application-specific integrated circuit), along with the lower cost and greater flexibility of “server-based” approaches. “The 7000 is the first 10Gbps network appliance priced below $10,000,” he said.

What's under the hood?

The 7000's application processing sub-system comprises between one and six of Freescale's dual-core 1.5GHz MPC8641D PowerPC processors. Each processor supports up to 4GB of DDR2 RAM, and runs its own unique instance of Linux.

Amir said that when fully configured, the 7000's application processing subsystem offers 45,000 MIPS — enough to run “any IP network service” at wire speeds up to 10Gbps — including IDS/IDP, firewalling, VPN, network surveillance, lawful interception, and application traffic management. “Developers can use any of the standard Linux components (such as iptables) as part of their deep packet processing applications,” he notes.

Additionally, PCI Express hardware acceleration cards are available for a variety of well-defined computational tasks, including IPSec VPNs, SSL acceleration, and RegEx content processing.

The 7000's data plane processor subsystem is based on a single RMI XLR 732 clocked at 1GHz, along with up to 8GB of DDR2 RAM. The RMI chip has eight MIPS64 cores, each of which supports up to four threads — enabling 32 “virtual cores,” according to RMI.

Finally, the 7000's management subsystem is based on a single Freescale MPC8641D, also clocked at 1.5GHz, with up to 4GB of DDR2. This subsystem offers a pair of Gigabit Ethernet interfaces, a console on a serial port, and a single USB port.

The 7000's storage subsystem is based on an internal, “dual-redundant,” hot swappable SATA or SAS hard disk array sized between 73GB and 750GB.

The networking interface subsystem appears to offer a choice among several PCI Express card “modules,” including:

  • 2-port 10 Gigabit Ethernet (10GBASE-SR) with hardware bypass
  • 12-port Gigabit Ethernet (1000BASE-T) with hardware bypass
  • 6-port Fiber Gigabit Ethernet (1000BASE-SX) with hardware bypass

Other I/O includes typical PC interfaces, such as FireWire, parallel port, digital I/O, and so on.

Software side

The 7000 comes with a Linux 2.6- and Fedora Core-based BiviOS environment said to support a wide variety of off-the-shelf Linux applications. Additionally, the environment appears to include libraries and tools aimed at simplifying custom application development and porting. Amir said, “[We have] improvements to support both the multi-CPU architecture as well as the tight integration with the network processor, [in order to] minimize the effort required to run any Linux packet handling application on the platform.”

In particular, Amir touts a BiviOS featured called “Configurable Inspection Groups.” He explains, “The emergence of multi-gigabit deep-packet processing requires networking devices to employ multiple or clustered computational resources capable of application-level packet processing. These devices must distribute incoming traffic to the available computational resources, which could be separate CPUs, separate cores in a multi-core CPU, or even different cores of a highly integrated system-on-a-chip. However, each of these different resources could run different configurations, policies, or even host applications. The system therefore needs an intelligent and programmable mechanism to ensure that all packets are processed by the appropriate application, policy set and computational resource for a given flow.”

“Configurable Inspection Groups (CIGs) bind specific interfaces on a networking device to different packet classification policies and distribute incoming traffic according to their assigned policy class,” continues Amir. “Traffic can be load-balanced to CPUs, blocked at the ingress, cut-through to the egress or receive other types of special treatment according to their network protocols, source or destination addresses, VPN association, or class of service, among other characteristics.”


Bivio's “Configurable Inpection Groups”
(Click to enlarge)

Amir adds, “Similar to virtualization of servers in data centers, CIG offers dramatic efficiency gains by allowing multiple applications to co-exist while assuring each has the resources necessary for a given task. Whenever these networking applications change, the device can be reprogrammed appropriately. When traffic starts to exceed the available resources, the system can be scaled incrementally just-in-time to bring more processing power into the resource pool.”

Why Linux?

Asked why Bivio chose Linux, Amir replied, “It has evolved to the point where we do not have to make any compromises in our implementation. Linux has proven to be a mature and robust environment. Our customers prefer using Linux as the host OS for their appliance solutions based on the Bivio platform due to its widespread adoption in the industry.”

Commercial Linux support for Freescale's dual-core MPC8641D processor is available from Wind River and MontaVista; however, Bivio did the port in-house, Amir said.

Amir predicts, “Linux is here to stay, and will experience continued market share expansion.”

Bivio's current customers include SourceFire and NFR (now Checkpoint) IPS solutions, Amir said.

Availability

The Bivio 7000 appears to be available now, priced below $10,000.


 
This article was originally published on LinuxDevices.com and has been donated to the open source community by QuinStreet Inc. Please visit LinuxToday.com for up-to-date news and articles about Linux and open source.



Comments are closed.